Solved

VPN not working with TMG 2010

Posted on 2012-04-04
11
1,476 Views
Last Modified: 2012-05-05
Dear All,

I have TMG 2010 standalone array (2 servers), I configure the VPN, when I try to connect using VPN, it’s work fine, I can connect, but still I can’t see anything in my network.

When I check TMG, I found the error attached.

I attached the network configuration in my TMG servers and the Route Print.

What I have to do to make them work?

Thanks
route-print.JPG
IP-for-VPN-in-TMG.JPG
Internal-Addresses.JPG
error.JPG
0
Comment
Question by:ACS2012
11 Comments
 
LVL 6

Accepted Solution

by:
emadallan earned 250 total points
ID: 37805365
0
 
LVL 2

Assisted Solution

by:jpvargassoruco
jpvargassoruco earned 250 total points
ID: 37805774
IP-for-VPN-in-TMG.JPG here I can see that you are using a diferent range of IP addresses, This range needs to be a part of this Internal-Addresses.JPG
Hope it helps
0
 

Author Comment

by:ACS2012
ID: 37814624
Hi all,

Now the VPN is work without error in the TMG, I can connect via the VPN and I can see my connection in the TMG server.

But i’m facing a problem; I can’t access anything in my network.

I check the IP taken via the VPN, it’s the same from the list which I specify in the VPN configuration.
0
Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

 
LVL 6

Expert Comment

by:emadallan
ID: 37815625
try to create a dns rule in your both side of TMG that allow : source internal lan+ localhost+ vpnsite1 to connect to destination of your vpn site2 and vice versa
0
 

Author Comment

by:ACS2012
ID: 37815664
hi emadallan,

how i can do that?

is there a requirements to add a static route for the VPN IP range?
0
 
LVL 6

Expert Comment

by:emadallan
ID: 37815676
no, it's not a problem of static route, just open your TMG Console and add a firewall rule that allow dns, smb(in case u want to access sharing files) protocols in both side of TMG
0
 
LVL 6

Expert Comment

by:emadallan
ID: 37815687
this is an URL that describe the principales of creating a firewall rules, then you specify the protocols you want:
http://retrohack.com/let-me-out-configuring-outbound-access-rules-in-tmg-2010/
0
 

Author Comment

by:ACS2012
ID: 37815721
i already have a rule to allow everything between internal and VPN users
0
 
LVL 6

Expert Comment

by:emadallan
ID: 37816843
even if you have everythings rule!! it will not works, so create a specific rule as mentioned and make its priority before the everythings rule!!
0
 

Author Comment

by:ACS2012
ID: 37818883
i'm still face the same problem, the VPN user is connected but i can't access anything in the network.

please see the attached.
1.JPG
2.JPG
3.JPG
0
 
LVL 10

Expert Comment

by:simonlimon
ID: 37825242
You could try looking at the session, with TMG logging, monitor for the username in question - Clientusername.

Other thing, do other router know for TMG VPN users network 172.16.105.1 - .125?
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now